X
Tap here to go to the mobile version of the site.

Support Forum

https://www.fbdelegatedcredentials.com Warning: Potential Security Risk Ahead

Posted

When I go to the web site Warning: https://www.fbdelegatedcredentials.com/ from my public IP address of 198.251.56.153 I get a message warning: potential security risk ahead. error:code SS:_error_bad_cert_domain. the site is a valid delegated credentials site.

Can anyone tell me why all of my Firefox Apps give this error?

When I go to the web site Warning: https://www.fbdelegatedcredentials.com/ from my public IP address of 198.251.56.153 I get a message warning: potential security risk ahead. error:code SS:_error_bad_cert_domain. the site is a valid delegated credentials site. Can anyone tell me why all of my Firefox Apps give this error?
Attached screenshots

Chosen solution

I think this site is faulty. Several networks identify this as not valid cert.

Read this answer in context 0
Quote

Additional System Details

Application

  • User Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.13; rv:70.0) Gecko/20100101 Firefox/70.0

More Information

cor-el
  • Top 10 Contributor
  • Moderator
17564 solutions 158858 answers

You can see in the screenshot that the certificate is issued for fb.mvfst.net and isn't valid for fbdelegatedcredentials.com.

You can see in the screenshot that the certificate is issued for fb.mvfst''.''net and isn't valid for fbdelegatedcredentials''.''com.
Was this helpful to you?
Quote
McCoy
  • Top 10 Contributor
545 solutions 5143 answers

Hello Mace2,

Would you please try this :

Type in the address bar about:config and press Enter. (promise to be careful, if asked)

Type in the search bar and look for the preference :

security.tls.enable_delegated_credentials

And make sure that its value is set to true

If you had to change the value, then close and restart Firefox.

Hello Mace2, Would you please try this : Type in the address bar <code>about:config</code> and press Enter. (promise to be careful, if asked) Type in the search bar and look for the preference : <code>security.tls.enable_delegated_credentials</code> And make sure that its value is set to <code>true</code> If you had to change the value, then close and restart Firefox.
Was this helpful to you? 0
Quote

Question owner

I am using DOH and I am unable to get access to the site. I have set security.tls.enable_delegated_credentials to true and restarted but even if I did not I expect the site to be accessed.

I am using DOH and I am unable to get access to the site. I have set security.tls.enable_delegated_credentials to true and restarted but even if I did not I expect the site to be accessed.
Was this helpful to you?
Quote
McCoy
  • Top 10 Contributor
545 solutions 5143 answers

Mace2 said

I am using DOH and I am unable to get access to the site. I have set security.tls.enable_delegated_credentials to true and restarted but even if I did not I expect the site to be accessed.

Bummer !

I just tried it, and after changing the value to true, I now get a blank page when I try to access fbdelegatedcredentials.com.

Just now I found this (scroll down to the comments at the bottom of the page):

https://www.thesslstore.com/blog/delegated-credentials-facebook-mozilla-cloudflares-new-tls-protocol-explained/

I don't know if this applies here though, but maybe worth a try (waiting, that is)  ?

''Mace2 [[#answer-1267724|said]]'' <blockquote> I am using DOH and I am unable to get access to the site. I have set security.tls.enable_delegated_credentials to true and restarted but even if I did not I expect the site to be accessed. </blockquote> Bummer ! I just tried it, and after changing the value to true, I now get a blank page when I try to access fbdelegatedcredentials''.''com. Just now I found this (scroll down to the comments at the bottom of the page): https://www.thesslstore.com/blog/delegated-credentials-facebook-mozilla-cloudflares-new-tls-protocol-explained/ I don't know if this applies here though, but maybe worth a try (waiting, that is) ?
Was this helpful to you? 0
Quote
cor-el
  • Top 10 Contributor
  • Moderator
17564 solutions 158858 answers
See also: *https://blog.mozilla.org/security/2019/11/01/validating-delegated-credentials-for-tls-in-firefox/
Was this helpful to you?
Quote

Chosen Solution

I think this site is faulty. Several networks identify this as not valid cert.

I think this site is faulty. Several networks identify this as not valid cert.
Was this helpful to you?
Quote
McCoy
  • Top 10 Contributor
545 solutions 5143 answers

Mace2 said

I think this site is faulty. Several networks identify this as not valid cert.

If you have the value of that preference still set to "true"; would you try again please (if you haven't already, of course) ?

Unfortunately I can't try again, as I immediately after trying the first time, reset the value to "false".

It took that other user about 25 hours for it to work .....

''Mace2 [[#answer-1267871|said]]'' <blockquote> I think this site is faulty. Several networks identify this as not valid cert. </blockquote> If you have the value of that preference still set to "true"; would you try again please (if you haven't already, of course) ? Unfortunately I can't try again, as I immediately after trying the first time, reset the value to "false". It took that other user about 25 hours for it to work .....
Was this helpful to you? 0
Quote
McCoy
  • Top 10 Contributor
545 solutions 5143 answers

McCoy said

I just tried it, and after changing the value to true, I now get a blank page when I try to access fbdelegatedcredentials.com.

My mistake : the reason I got a blank page is the fact that I had turned off "Enhanced Tracking Protection" for that site, to see what would happen.

I turned it back on and got the warning (same thing using Edge).

Changed the value of that preference to "true" again; now I got the warning with the "Advanced" button - clicked "Accept the Risk and Continue": blank page ..... :(

I'll try again about 25 hours from now.



I've tried other test sites ( with the value of the preference set to "true"), but none of them did what we expect them to do.

Then I realized that this will currently only work in Firefox Nightly or Beta:

https://dc.crypto.mozilla.org

''McCoy [[#answer-1267727|said]]'' <blockquote> I just tried it, and after changing the value to true, I now get a blank page when I try to access fbdelegatedcredentials''.''com. </blockquote> My mistake : the reason I got a blank page is the fact that I had turned off "Enhanced Tracking Protection" for that site, to see what would happen. I turned it back on and got the warning (same thing using Edge). Changed the value of that preference to "true" again; now I got the warning with the "Advanced" button - clicked "Accept the Risk and Continue": blank page ..... :( I'll try again about 25 hours from now. -------------------------<BR> I've tried other test sites ( with the value of the preference set to "true"), but none of them did what we expect them to do. Then I realized that this will currently only work in Firefox Nightly or Beta: https://dc.crypto.mozilla.org

Modified by McCoy

Was this helpful to you? 0
Quote
Ask a question

You must log in to your account to reply to posts. Please start a new question, if you do not have an account yet.